4
submitted 1 year ago by cool9@feddit.uk to c/privacyguides@lemmy.one

Hi All,
I would like to choose a new email provider, where security and privacy of the email is one of my main concerns (nothing to hide, but want to keep my data private, differently than what happens with the major providers). I have read maaany posts and websites guides but I am still confused. I am happy to pay a euro or so /month, so I had reduced my choice to Mailbox, Posteo, Mailfence. The problem is that each of them has some flows that don't let me go ahead with them!
Mailbox: uses PGP, so not straightforward to send encrypted emails (unlike with tutanota) and to have encryption at rest. No mobile app. Alias reuse after 90 days Posteo: no spam folder. ALias reuse after 24 months Mailfence : has no encryption at rest , no mobile app. Not sure about alias reuse

Have you got any comments on the above providers and /or other suggestions (except for Tutanota and Protonmail)? thank you, appreciated!

top 18 comments
sorted by: hot top controversial new old
[-] thomas@lemmy.zell-mbc.com 2 points 1 year ago* (last edited 1 year ago)

I used this guide when setting up my self hosted email: https://workaround.org/ispmail/buster/big-picture/

I also added in Ciphermail for email encryption and it's been almost hands off ever since.

Granted, there were quite a few things to digest until things were working as I wanted.

[-] infeeeee@lemm.ee 1 points 1 year ago

Why do you need a mobile app? It's just email, all IMAP clients should work.

I have a mailbox address since years, never use the webui for checking mails, only for changing some settings, I access my mails with Thunderbird on desktop, Fairemail on Android. Both apps have builtin PGP, so you shouldn't care what the provider supports.

The spam filter in mailbox is glorious, never got a spam there.

[-] pabloscloud@lemmy.world 1 points 1 year ago

Well imap isn't encrypted, right? That's why one can or rather needs to run a software with proton called proton bridge to get imap locally

[-] infeeeee@lemm.ee 1 points 1 year ago

Yes, but for me standards are more important than encryption. I can encrypt mails with pgp, than they are end to end encrypted, imap doesn't matter. I considered proton when I switched to mailbox, but usually I don't send encrypted mails, because the reciepents cant read them, so I wouldn't use the pros of proton.

[-] pabloscloud@lemmy.world 0 points 1 year ago

How come that the recipients can't read them?

[-] infeeeee@lemm.ee 0 points 1 year ago

If I send some proton encrypted email to a random gmail address what happens? On gmail side it's not encrypted. So what's the point for encrypting something only on one side? For PGP afaik we have to get the public key of the recipient so it requires some setup on both sides before the first mail. I wanted to say, usually I don't send emails like this,I send them to mortals, who would freak out if I would start to speak about things like this.

Once I setup pgp in thunderbird, but I never had the incentive to setup again after a reinstall, because I never used it (I still have my keys saved though). For encrypted communication about important topics I use Signal, and I could convince my most important friends to install it.

[-] TheButtonJustSpins@infosec.pub 1 points 1 year ago

I like Proton Mail. It does have a free tier, but the paid tier is pricier than you suggested in your post.

[-] Murks@discuss.tchncs.de 0 points 1 year ago

I use posteo.net for 10 years now, and I am super happy with them. I don't get spam, and I have never missed an email.

They choose not to use a spam folder system, and I understand their reasoning, and agree with them.

They sometimes get criticized for some other decision (something to do with certificates, if I remember correctly), but after reading their reasoning, I agree with them.

In my experience, they have now real downside, and I recommend them to everyone I know when they come to me with email problems.

[-] dngray@lemmy.one 1 points 1 year ago* (last edited 1 year ago)

Keep in mind posteo.net does not have DMARC which means anyone can spoof an email @posteo domain.

All of the other providers have this. Mailing lists can be used with DMARC.

[-] cool9@feddit.uk 1 points 1 year ago

Thank you for pointing this out. I am no way expert but trying to study and understand. I then found other negative comments regarding the lack of DMARC, while on posteo website they say: "We have a DMARC "none" policy for Posteo email domain names, since DMARC is currently not recommended for mailbox providers. Outbound DMARC policies are primarily "best-suited for transactional emails and semi-transactional emails" (dmarc-org FAQ). At the present, DMARC has implications which do not meet customers' individual use of email." link

The dmarc-org FAQ is interesting too. I understand that Posteo publishes thier DMARC record, if I am not wrong

I would appreciate your opinion, you seem competent! Thank you

[-] Vexz@feddit.de 0 points 1 year ago

Why the need for a specific mobile app for Mailbox? I use Mailbox in combination with FariEmail app on Android. It even supports PGP. Couldn't be happier.

load more comments
view more: next ›
this post was submitted on 17 Jun 2023
4 points (100.0% liked)

Privacy Guides

16763 readers
1 users here now

In the digital age, protecting your personal information might seem like an impossible task. We’re here to help.

This is a community for sharing news about privacy, posting information about cool privacy tools and services, and getting advice about your privacy journey.


You can subscribe to this community from any Kbin or Lemmy instance:

Learn more...


Check out our website at privacyguides.org before asking your questions here. We've tried answering the common questions and recommendations there!

Want to get involved? The website is open-source on GitHub, and your help would be appreciated!


This community is the "official" Privacy Guides community on Lemmy, which can be verified here. Other "Privacy Guides" communities on other Lemmy servers are not moderated by this team or associated with the website.


Moderation Rules:

  1. We prefer posting about open-source software whenever possible.
  2. This is not the place for self-promotion if you are not listed on privacyguides.org. If you want to be listed, make a suggestion on our forum first.
  3. No soliciting engagement: Don't ask for upvotes, follows, etc.
  4. Surveys, Fundraising, and Petitions must be pre-approved by the mod team.
  5. Be civil, no violence, hate speech. Assume people here are posting in good faith.
  6. Don't repost topics which have already been covered here.
  7. News posts must be related to privacy and security, and your post title must match the article headline exactly. Do not editorialize titles, you can post your opinions in the post body or a comment.
  8. Memes/images/video posts that could be summarized as text explanations should not be posted. Infographics and conference talks from reputable sources are acceptable.
  9. No help vampires: This is not a tech support subreddit, don't abuse our community's willingness to help. Questions related to privacy, security or privacy/security related software and their configurations are acceptable.
  10. No misinformation: Extraordinary claims must be matched with evidence.
  11. Do not post about VPNs or cryptocurrencies which are not listed on privacyguides.org. See Rule 2 for info on adding new recommendations to the website.
  12. General guides or software lists are not permitted. Original sources and research about specific topics are allowed as long as they are high quality and factual. We are not providing a platform for poorly-vetted, out-of-date or conflicting recommendations.

Additional Resources:

founded 1 year ago
MODERATORS